Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
revolution vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-4838
Multiple buffer overflows in CellFactor Revolution 1.03 and previous versions allow remote malicious users to execute arbitrary code via a long string in a (1) 0x21, (2) 0x22, or (3) 0x23 packet.
Immersion Games Cellfactor Revolution
1 EDB exploit
7.5
CVSSv2
CVE-2007-4832
Format string vulnerability in CellFactor Revolution 1.03 and previous versions allows remote malicious users to execute arbitrary code via format string specifiers in a malformed nickname.
Immersion Games Cellfactor Revolution
5
CVSSv2
CVE-2017-8115
Directory traversal in setup/processors/url_search.php (aka the search page of an unused processor) in MODX Revolution 2.5.7 might allow remote malicious users to obtain system directory information.
Modx Modx Revolution 2.5.7
2.6
CVSSv2
CVE-2010-4883
Cross-site scripting (XSS) vulnerability in manager/index.php in MODx Revolution 2.0.2-pl allows remote malicious users to inject arbitrary web script or HTML via the modhash parameter.
Modx Revolution 2.0.2-pl
1 EDB exploit
4.3
CVSSv2
CVE-2015-5151
Cross-site scripting (XSS) vulnerability in the Slider Revolution (revslider) plugin 4.2.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the client_action parameter in a revslider_ajax_action action to wp-admin/admin-ajax.php.
Themepunch Slider Revolution 4.2.2
10
CVSSv2
CVE-2010-5310
The Acquisition Workstation for the GE Healthcare Revolution XQ/i has a password of adw3.1 for the sdc user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires...
Gehealthcare Revolution Xq\\/i
3.5
CVSSv2
CVE-2018-10382
MODX Revolution 2.6.3 has XSS.
Modx Modx Revolution 2.6.3
5
CVSSv2
CVE-2006-2848
links.asp in aspWebLinks 2.0 allows remote malicious users to change the administrative password, possibly via a direct request with a modified txtAdministrativePassword field.
Full Revolution Aspweblinks 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2004-1552
SQL injection vulnerability in aspWebCalendar allows remote malicious users to execute arbitrary SQL statements via (1) the username field on the login page or (2) the eventid parameter to calendar.asp.
Full Revolution Aspwebcalendar 4.5
2 EDB exploits
4.3
CVSSv2
CVE-2014-8992
Cross-site scripting (XSS) vulnerability in manager/assets/fileapi/FileAPI.flash.image.swf in MODX Revolution 2.3.2-pl allows remote malicious users to inject arbitrary web script or HTML via the callback parameter.
Modx Modx Revolution 2.3.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »